+1-888-365-2779
Try Now
More in this section

Forums / Bugs & Issues / Sitefinity 4.2 constantly getting hacked

Sitefinity 4.2 constantly getting hacked

7 posts, 0 answered
  1. Scott
    Scott avatar
    5 posts
    Registered:
    03 Oct 2008
    24 Feb 2015
    Link to this post
    I have a site that keeps getting hacked and I have gone through all the security blogs and implemented everything suggested. Are there any know vulnerabilities regarding script injection or posting of data that someone could share to help me stop this. I've looked through the IIS logs and Sitefinity logs and don't see anything that stands out other that web crawlers. I have the database in read-only at this point to stop it but obviously that's not a solution. 
  2. Sabrie Nedzhip
    Sabrie Nedzhip avatar
    534 posts
    Registered:
    26 Sep 2016
    27 Feb 2015
    Link to this post
    Hi Scott,

    Can you please provide some additional information on what do you mean by saying that your Sitefinity website is hacked? What is the misbehavior you are observing and the exact issues you are experiencing which leads you to think that your website has been hacked?

    Regards,
    Sabrie Nedzhip
    Telerik
     
    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Sitefinity CMS Ideas&Feedback Portal and vote to affect the priority of the items
     
  3. Scott
    Scott avatar
    5 posts
    Registered:
    03 Oct 2008
    27 Feb 2015
    Link to this post

    They are somehow able to update the content with urls, text etc. on all pages that eventually causes the error people often get below. I have to restore an older good copy of the DB for the site to work again. When I look at the content tables all pages are appended to. Somehow they are able to save that even though I have altered all passwords, commit privileges etc. Also this IIS instance has lots of other sites that operate with no problem so it is definitely related to Sitefinity.

    Invalid root node configured for pages. No root node with the name of "FrontendSiteMap".

  4. Sabrie Nedzhip
    Sabrie Nedzhip avatar
    534 posts
    Registered:
    26 Sep 2016
    04 Mar 2015
    Link to this post
    Hello Scott,

    Regarding the error message "Invalid root node configured for pages. No root node with the name of "FrontendSiteMap"", can you please take a look at the following KB article for more details about the cause for the issue and check the suggestions there.

    Regards,
    Sabrie Nedzhip
    Telerik
     
    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Sitefinity CMS Ideas&Feedback Portal and vote to affect the priority of the items
     
  5. Scott
    Scott avatar
    5 posts
    Registered:
    03 Oct 2008
    04 Mar 2015
    Link to this post
    Did you read any of the previous posts? The site is being hacked and content is being added to pages causing that generic error. I know what is causing the issue, the question is how are they doing it.
  6. Scott
    Scott avatar
    5 posts
    Registered:
    03 Oct 2008
    05 Mar 2015
    Link to this post

    Just go hacked again. They were able to edit the sf_list_items table and change the app_name column before I was able to stop the site.

     Example of edited field: 

     /Lists</title><style>.aqqq{position:absolute;clip:rect(431px,auto,auto,406px);}</style><div class=aqqq><a href=http://genericcialisasui.com >is cialis available in generic</a></div></title><style>.aqqq{position:absolute;clip:rect(431px,auto,auto,406px);}<

  7. Scott
    Scott avatar
    5 posts
    Registered:
    03 Oct 2008
    07 Mar 2015
    Link to this post
    2 previous posts are not showing
7 posts, 0 answered